As you manage your Web applications using OpenEdge Management, one of the primary concerns is the security of the data transferred over the Internet. Attackers can exploit the vulnerabilities in Web applications to maliciously gain access to the management console and additional privileges to cause service disruption.

For security reasons, OpenEdge Management does not recommend using inline JavaScript. OpenEdge Management is configured to disable inline JavaScript when a web page request is made. And to address Cross-site scripting (XSS) attacks, OpenEdge Management recommends the use of penetration tools such as OWASP Zap to perform security testing for third party Web applications.

To simplify the security configuration, OpenEdge Management provides a SSO process for all Web applications running in its Web server. For more information, see Implement single sign-on (SSO).